Re: [PATCH] Fix memory overwriting issue when copy an address to user space

From: Jakub Kicinski
Date: Fri Jul 17 2020 - 13:50:17 EST

Next message: Saravana Kannan: "Re: [PATCH v2] irqchip: Add IRQCHIP_PLATFORM_DRIVER_BEGIN/END and IRQCHIP_MATCH helper macros"
Previous message: Rob Herring: "Re: [PATCH v4 5/9] media: staging: rkisp1: remove unecessary clocks"
In reply to: lebon zhou: "[PATCH] Fix memory overwriting issue when copy an address to user space"
Next in thread: David Miller: "Re: [PATCH] Fix memory overwriting issue when copy an address to user space"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 17 Jul 2020 10:31:54 +0000 lebon zhou wrote:
> When application provided buffer size less than sockaddr_storage, then
> kernel will overwrite some memory area which may cause memory corruption,
> e.g.: in recvmsg case, let msg_name=malloc(8) and msg_namelen=8, then
> usually application can call recvmsg successful but actually application
> memory get corrupted.
>
> Fix to return EINVAL when application buffer size less than
> sockaddr_storage.
>
> Signed-off-by: lebon.zhou <lebon.zhou@xxxxxxxxx>

Please repoist CCing the netdev mailing list.

Next message: Saravana Kannan: "Re: [PATCH v2] irqchip: Add IRQCHIP_PLATFORM_DRIVER_BEGIN/END and IRQCHIP_MATCH helper macros"
Previous message: Rob Herring: "Re: [PATCH v4 5/9] media: staging: rkisp1: remove unecessary clocks"
In reply to: lebon zhou: "[PATCH] Fix memory overwriting issue when copy an address to user space"
Next in thread: David Miller: "Re: [PATCH] Fix memory overwriting issue when copy an address to user space"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]